hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity

Modify sinks

Browse Source
This commit is contained in:
haby0
2021-09-17 17:29:40 +08:00
parent c60eded2de
commit 99167539fb
1 changed files with 31 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
python/ql/src/experimental/semmle/python/frameworks/Log.qll
View File

@@ -20,7 +20,9 @@ private module log {
* See https://docs.python.org/3/library/logging.html#logger-objects
*/
private class LogOutputMethods extends string {
LogOutputMethods() { this in ["info", "error", "warn", "warning", "debug", "critical"] }
LogOutputMethods() {
this in ["info", "error", "warn", "warning", "debug", "critical", "exception", "log"]
}
}
/**
@@ -33,7 +35,13 @@ private module log {
this = API::moduleImport("logging").getMember(any(LogOutputMethods m)).getACall()
}
override DataFlow::Node getAnInput() { result = this.getArg(_) }
override DataFlow::Node getAnInput() {
this.getFunction().(DataFlow::AttrRead).getAttributeName() != "log" and
result = this.getArg(0)
or
this.getFunction().(DataFlow::AttrRead).getAttributeName() = "log" and
result = this.getArg(1)
}
}
/**
@@ -51,7 +59,13 @@ private module log {
.getACall()
}
override DataFlow::Node getAnInput() { result = this.getArg(_) }
override DataFlow::Node getAnInput() {
this.getFunction().(DataFlow::AttrRead).getAttributeName() != "log" and
result = this.getArg(0)
or
this.getFunction().(DataFlow::AttrRead).getAttributeName() = "log" and
result = this.getArg(1)
}
}
/**
@@ -68,7 +82,13 @@ private module log {
.getACall()
}
override DataFlow::Node getAnInput() { result = this.getArg(_) }
override DataFlow::Node getAnInput() {
this.getFunction().(DataFlow::AttrRead).getAttributeName() != "log" and
result = this.getArg(0)
or
this.getFunction().(DataFlow::AttrRead).getAttributeName() = "log" and
result = this.getArg(1)
}
}
/**
@@ -87,6 +107,12 @@ private module log {
.getACall()
}
override DataFlow::Node getAnInput() { result = this.getArg(_) }
override DataFlow::Node getAnInput() {
this.getFunction().(DataFlow::AttrRead).getAttributeName() != "log" and
result = this.getArg(0)
or
this.getFunction().(DataFlow::AttrRead).getAttributeName() = "log" and
result = this.getArg(1)
}
}
}